Experts at Sophos have discovered a widespread spam attack, claiming to contain a link to news about the new president.

The emails, which have subject lines such as “Obama win preferred in world poll” and claim to come from news@president.com, have accounted for approximately 60% of all malicious spam seen by SophosLabs in the last hour.

Clicking on the link, however, takes internet users to a webpage which insists you download Adobe Flash 9 to view a video of the first African-American president making an “amazing speech”. But it’s not Flash version 9, and this website is not just bogus – it’s downright dangerous.

If you install the fake version of Adobe Flash you will actually be infecting your computer with a malicious Trojan horse detected by Sophos as Mal/Behav-027. If infected by it, PC owners could find that their data has been compromised and potentially their identity stolen.

Sophos experts have determined that the malicious Trojan horse incorporates the following characteristics:

The malware contains rootkit technology to conceal itself.

It’s designed to steal information from an infected computer.

It also has general “backdoor” functionality.

It spies on user’s keyboard and mouse inputs and can take screenshots.

It looks for passwords.

It submits the information it discovers to a webserver located in Kiev, Ukraine.

Users of other anti-virus products are recommended to check whether updates are available to protect their computers.

Post navigation

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter: <a href="https://twitter.com/gcluley">@gcluley</a>.